MicroNet SP891 User manual

Brand: MicroNet

Model: SP891

Category: Routers

Type: User manual

User’s Manual

Multi-WAN Security Gateway

Model No.: SP891

World Wide Web: www.micronet.com.tw ; www.micronet.info

Table of Content

-------------------------------------------------------------------------------------------------------------------------

1. INTRODUCTION ................................................................................................................. 4

1.1 Package Contents.............................................................................4

1.2 Features............................................................................................5

1.3 System Requirement.........................................................................5

1.4 Physical Description..........................................................................6

2. INSTALLATION................................................................................................................... 8

2.1 Hardware Installation.........................................................................8

2.2 Access Router...................................................................................8

3. BASIC CONFIGURATION ................................................................................................ 15

3.1 Primary Setup..................................................................................15

3.2 LAN & DHCP...................................................................................17

4. ADVANCED PORT SETUP............................................................................................... 20

4.1 Port Options ....................................................................................20

4.2 Load Balance ..................................................................................22

4.3 Advanced PPPoE............................................................................23

4.4 Advanced PPTP..............................................................................24

5. ADVANCED CONFIGURATION ....................................................................................... 27

5.1 Host IP Setup..................................................................................27

5.2 Routing............................................................................................29

5.3 Virtual Servers.................................................................................31

5.4 Special Applications ........................................................................34

5.5 Dynamic DNS..................................................................................35

5.6 Multi DMZ........................................................................................37

5.7 UPnP...............................................................................................38

5.8 NAT Setup.......................................................................................38

5.9 Advanced Features.........................................................................40

6. SECURITY MANAGEMENT ............................................................................................. 43

6.1 URL Filter ........................................................................................43

6.2 Access Filter....................................................................................44

6.3 Session Limit...................................................................................45

6.4 SysFilter Exception .........................................................................46

7. QOS CONFIGURATION.................................................................................................... 48

7.1 QoS Setup.......................................................................................48

7.2 QoS Policy.......................................................................................49

8. MANAGEMENT ASSISTANT............................................................................................ 50

8.1 Administration Setup.......................................................................50

8.2

Email Alert.......................................................................................51

8.3 SNMP..............................................................................................52

8.4 Syslog..............................................................................................53

8.5 Upgrade Firmware ..........................................................................54

9. SYSTEM INFORMATION.................................................................................................. 56

9.1 System Status .................................................................................56

9.2 WAN Status.....................................................................................58

10. SPECIFICATIONS............................................................................................................. 61

APPENDIX C TROUBLESHOOTING ......................................................................................... 62

1. Introduction

Micronet SP891 Multi-WAN Security Gateway is equipped with two WAN ports for different

kinds of Internet access (xDSL/Cable/Fixed IP) to satisfy high Internet bandwidth demands

in enterprise environments. Network administrators may bind different kinds of Internet

access to designated WAN interfaces to enable load balancing for optimization of network

loading. Dual WAN ports also provide fail-over function. If one line goes down, the other

will automatically take control to ensure continuous network connection. SP891's highly

configurable built-in network firewall provides you with the power to choose specific

services allowed through your network, while keeping all malicious Internet attackers out.

SP891 also provides simple Web-based interface, and it will help network administrators to

set up the router just in few minutes.

1.1 Package Contents

Verify your package contains the following items:

z SP891 Multi-WAN Security Gateway

z Quick Installation Guide

z Manual CD

z Power Adapter

z RJ-45 cable

1.2 Features

Micronet SP891 provides the following features:

z Provide 2 WAN ports for Load Balance and outbound fail-over function to ensure

Internet service always available

z Provide 4 ports of 10/100M Ethernet for connecting to a home or office network

z Support Priority QoS by source and destination IP, MAC address and QoS-ToS service

types for best resource allocation

z Provide firewall protection based on DoS, SPI, Ping to Death, Port scan and Access

Control

z Support URL filter, Access filter and session limit for restricting inappropriate

transmission

z Support multi-DMZ, Virtual Server and Special Application functions for Internet Service

hosting

z Support IPsec and PPTP VPN Pass Through

z Support DDNS for dynamic IP environment

z Support Universal Plug and Play (UPnP) for peer-to-peer network connectivity

z Support NAT to share single account with multiple workstations

z Support easy management via Web UI, SNMP, Email alert and Syslog

z Firmware upgradeable for further function enhanced

1.3 System Requirement

z One External xDSL (ADSL) or Cable modem with an Ethernet port (RJ-45)

z Network Interface Card (NIC) for each Personal Computer (PC)

z PCs with a Web-Browser (Internet Explorer 4.0 or higher, or Netscape Navigator 4.7 or

higher)

1.4 Physical Description

1.4.1 Front Panel

SP891 Front Panel

POWER LED

This LED comes on when the router is properly connected to power.

Port LEDs

Every RJ-45 port on the front panel relevant two LEDs (10/100M; LINK/ACT) for indicating

the connection speed and activity status.

LEDs Status

Please refer to the following table for LED definition

LED Status Operation

Steady Green Power is on

Power

Off Power is off

Steady Green Firmware unloaded or Hardware error

Off Normal operation

System

Blinking Transmitting or receiving data

Steady Green Network connection established

Off No connection established

LINK/ACT

Blinking Transmitting or receiving data

Steady Green 100M network connection established

LAN

10/100M

Off 10M network connection established

Steady Green Network connection established

WAN

10/100M

Off No connection established

Also, some Status and Error conditions are indicated by combinations of LEDs, as shown

below

LED Action Condition

WAN1 LINK/ACT & 10M/100M LEDs flash alternatively. Firmware Download in

Progress.

WAN1 LINK/ACT & 10M/100M LEDs flash concurrently. MAC address not

assigned.

WAN1 LINK/ACT & 10M/100M LEDs solid On

SDRAM error

WAN2 LINK/ACT & 10M/100M LEDs solid On Timer/Interrupt error

LAN1 LINK/ACT & 10M/100M LEDs solid On LAN/WAN error

1.4.2 Rear Panel

SP891 Rear Panel

DC 5V Connect the supplied power adapter here.

WAN 2 Connect the 2

Broadband Modem here, if available.

Reset When pressed and released, the router will reboot (restart) within

1 second and resets to default over 3 seconds.

(Please refer to default setting below)

LAN Ports Connect the PCs to these ports. Both 10BaseT and 100BaseT

connections can be used simultaneously.

Note:

Any port will automatically operate as an "Uplink" port if required.

Just use a normal LAN cable to connect to a normal port on

another hub.

WAN 1 Connect the primary Broadband Modem here.

z Default Settings

When the router has finished booting, all configuration settings will be set to the factory

defaults, including:

IP Address: 192.168.1.1

Network Mask: 255.255.255.0

DHCP Server: enabled

User Name: admin

Password cleared (no password)

2. Installation

2.1 Hardware Installation

1. Power all devices down, including PCs, your DSL/Cable modem and SP891.

2. Connect a network cable from one of your PC’s Ethernet port to one of LAN port on the

back of the SP891.

3. Connect the network cable from your DSL/Cable modem to the WAN port of the SP891.

4. Connect the power adapter to the power jack on the rear of SP891, and then plug the

power adapter into the power outlet.

5. Power on the DSL/Cable modem.

2.2 Access Router

Below is a step-by-step instruction on how to access the SP891 from your PCs and get

connection to the Internet.

1. Please set your LAN PC clients to “Obtain an IP Address automatically” so that it can

obtain an IP address from DHCP server. (If you have already configured your PC to

obtain an IP automatically then proceed to step 3).

For all non-Server versions of Windows, the default TCP/IP setting is to act as a DHCP

client. Just start (or restart) your PC, and it will obtain an IP address from the Router.

By default, the SP891 will act as a DHCP Server, automatically providing a suitable IP

Address (and related information) to each PC when the PC boots. This section will

show you how to configure your PC’s for either Windows 95/98/Me, 2000, NT operating

systems, Macintosh or Linux. For other operating systems (Macintosh, Sun, etc.),

follow the manufacturer’s instructions.

y Windows 95/98/Me

a. Click the Start button and select Settings, then click Control Panel. The

Control Panel window will appear.

b. Double-click Network icon. The Network window will appear.

c. Check your list of Network Components. If TCP/IP is not installed, click the Add

button to install it now. If TCP/IP is installed, go to step 6.

d. In the Network Component Type dialog box, select Protocol and click Add

button.

e. In the Select Network Protocol dialog box, select Microsoft and TCP/IP and

then click the OK button to start installing the TCP/IP protocol. You may need

your Windows CD to complete the installation.

f. After installing TCP/IP, go back to the Network dialog box. Select TCP/IP from

the list of Network Components and then click the Properties button.

g. Check each of the tabs and verify the following settings:

 Bindings: Check Client for Microsoft Networks and File and printer sharing

for Microsoft Networks.

 Gateway: All fields are blank.

 DNS Configuration: Select Disable DNS.

 WINS Configuration: Select Disable WINS Resolution.

 IP Address: Select Obtain IP address automatically.

h. Reboot the PC. Your PC will now obtain an IP address automatically from your

Broadband Router’s DHCP server. Once you’ve configured your PC to obtain

an IP address automatically, please proceed to Step 3.

Note: Please make sure that the Broadband router’s DHCP server is the only

DHCP server available on your LAN.

y Windows XP

a. Click the Start button and select Settings, then click Network Connections. The

Network Connections window will appear.

b. Double-click Local Area Connection icon. The Local Area Connection window

will appear.

c. Check your list of Network Components. You should see Internet Protocol

[TCP/IP] on your list. Select it and click the Properties button.

d. In the Internet Protocol (TCP/IP) Properties window, select Obtain an IP

address automatically and Obtain DNS server address automatically as

shown on the following screen.

e. Click OK to confirm the setting. Your PC will now obtain an IP address

automatically from your Broadband Router’s DHCP server. Once you’ve

configured your PC to obtain an IP address automatically, please proceed to

Step 3.

Note: Please make sure that the Broadband router’s DHCP server is the only

DHCP server available on your LAN.

y Windows 2000

a. Click the Start button and select Settings, then click Control Panel. The

Control Panel window will appear.

b. Double-click Network and Dial-up Connections icon. In the Network and

Dial-up Connection window, double-click Local Area Connection icon. The

Local Area Connection window will appear.

c. In the Local Area Connection window, click the Properties button.

d. Check your list of Network Components. You should see Internet Protocol

[TCP/IP] on your list. Select it and click the Properties button.

e. In the Internet Protocol (TCP/IP) Properties window, select Obtain an IP

address automatically and Obtain DNS server address automatically as

shown on the following screen.

f. Click OK to confirm the setting. Your PC will now obtain an IP address

automatically from your Broadband Router’s DHCP server. Once you’ve

configured your PC to obtain an IP address automatically, please proceed to

Step 3.

Note: Please make sure that the Broadband router’s DHCP server is the only

DHCP server available on your LAN.

y Windows NT

a. Click the Start button and select Settings, then click Control Panel. The

Control Panel window will appear.

b. Double-click Network icon. The Network window will appear. Select the

Protocol tab from the Network window.

c. Check if the TCP/IP Protocol is on your list of Network Protocols. If TCP/IP is

not installed, click the Add button to install it now. If TCP/IP is installed, go to

step 5.

d. In the Select Network Protocol window, select the TCP/IP Protocol and click

the Ok button to start installing the TCP/IP protocol. You may need your

Windows CD to complete the installation.

e. After you install TCP/IP, go back to the Network window. Select TCP/IP from

the list of Network Protocols and then click the Properties button.

f. Check each of the tabs and verify the following settings:

 IP Address: Select Obtain an IP address from a DHCP server.

 DNS: Let all fields are blank.

 WINS: Let all fields are blank.

 Routing: Let all fields are blank.

g. Click OK to confirm the setting. Your PC will now obtain an IP address

automatically from your Broadband Router’s DHCP server. Once you’ve

configured your PC to obtain an IP address automatically, please proceed to

Step 3.

Note: Please make sure that the Broadband router’s DHCP server is the only

DHCP server available on your LAN.

y Macintosh Clients

From your Macintosh, you can access the Internet via the Router. The procedure is

as follows.

1. Open the TCP/IP Control Panel.

2. Select Ethernet from the Connect via pop-up menu.

3. Select Using DHCP Server from the Configure pop-up menu. The DHCP Client

ID field can be left blank.

4. Close the TCP/IP panel, saving your settings.

Note:

If using manually assigned IP addresses instead of DHCP, the required changes

are:

• Set the Router Address field to the Router’s IP Address.

• Ensure your DNS settings are correct.

y Linux Clients

To access the Internet via the Router, it is only necessary to set the Router as the

"Gateway", and ensure your Name Server settings are correct.

Ensure you are logged in as "root" before attempting any changes.

 Fixed IP Address

By default, most UNIX installations use a fixed IP Address. If you wish to

continue using a fixed IP Address, make the following changes to your

configuration.

1. Set your Default Gateway to the IP Address of the Router.

2. Ensure your DNS (Name server) settings are correct.

 To act as a DHCP Client (recommended)

The procedure below may vary according to your version of Linux and X

-windows shell.

1. Start your X Windows client.

2. Select Control Panel - Network

3. Select the "Interface" entry for your Network card. Normally, this will be

called "eth0".

4. Click the Edit button, set the "protocol" to "DHCP", and save this data.

5. To apply your changes

Use the "Deactivate" and "Activate" buttons, if available.

OR, restart your system.

2. Restart your computer if necessary.

3. Open the Internet Explorer and type http://192.168.1.1

(broadband router’s IP address)

into the browser address window to access the SP891.

4. You will see the Login information request page popping up as shown below. Key in the

user name field as “admin” and leave the password field blank.

Note: By default the password is empty. For security reasons it is recommended that

you change the password as soon as possible.

5. The home page will show up after login in process as the figure below.

6. In the “Basic Configure” field, select “Primary Setup” from the menu and configure

WAN 1 and/or WAN 2 as required. Please fill in the information necessary to access the

Internet.

3. Basic Configuration

SP891 provides a web-based interface, allowing users to configure and manage the router

remotely from web browser.

3.1 Primary Setup

Select Primary Setup from the menu, to see a screen like the example below.

• Configure WAN 1 and/or WAN 2 as required.

• For any of the following situations, refer to Chapter 3.2: Advanced Port Setup for any

further configuration, which may be required.

 Using both ports

 Multiple IP addresses on either port

 Multiple PPPoE sessions

 PPTP connection method

Figure: Primary Setup

Settings – Primary Setup

Connection

• Interface – Select which WAN (WAN1 or WAN2) to be setup.

• Connection Mode

Select the appropriate setting:

 Enable – Select this if you have connected a broadband

modem to this port.

 Disable – Select this if there is no broadband modem

connected to this port.

 Backup – Use this if you have a broadband modem on

each port, and wish to normally use only one. Select Enable

for the primary port, and Backup for the secondary port. The

Backup port will only be used if the primary port fails.

• Connection Type

Check the data supplied by your ISP, and select the appropriate

option.

 Static IP – Select this if your ISP has provided a Fixed or

Static IP address. Then enter the data into the Address

Info fields.

 Dynamic IP – Select this if your ISP provides an IP

address automatically, when you connect. You can ignore

the Address Info fields.

 PPPoE – Select this if your ISP uses this method.

(Usually, your ISP will provide some PPPoE software. This

software is no longer required, and should not be used.)

If this method is selected, you must complete the PPPoE

dialup fields.

• PPTP Connection – This is for PPTP users only.

1. Enter the Username and Password provided by your ISP.

2. If using PPTP, enable the PPTP Connection checkbox, and

enter the IP address of the PPTP server.

Note:

If using the PPTP connection method, select Static IP or Dynamic IP,

as appropriate; according to the IP address method used by your ISP.

Address

Information

This is for Static IP users only. Enter the address information provided

by your ISP. If your ISP provided multiple IP address, you can use the

Multi-DMZ screen to assign the additional IP addresses.

DNS

(Optional for

dynamic IP)

If using a Fixed IP address, you MUST enter at least 1 DNS address.

If using Dynamic IP or PPPoE, DNS information is optional.

Optional

• Host name – This is required by some ISPs. If your ISP has

provided a Host Name, enter it here. Otherwise, you can use the

default value.

• Domain name – This is required by some ISPs. If your ISP

provide a Domain Name, enter it here. Otherwise, you can use the

default value.

• MAC address – Some ISP's record your MAC address (also

called "Physical address" or "Network Adapter address"). If so,

you can enter the MAC address expected by your ISP in this field.

Otherwise, this should be left at the default value.

Setup of the Router is now completed. PCs on your LAN must now be configured. See the

following section for details.

3.2 LAN & DHCP

Select LAN & DHCP from the menu. You will see a screen like the example below.

These screens and settings are provided to deal with non-standard situations, or to

provide additional options for advanced users.

Existing DHCP Server

If your LAN already has a DHCP Server, and you wish to continue using it, the following

configuration is required.

y The DHCP Server function in the Router must be disabled.

y Your DHCP Server must be configured to provide the Router's LAN IP address as the

"Default Gateway".

y Your DHCP Server must provide correct DNS addresses to the PCs.

Figure: LAN & DHCP

Settings – LAN & DHCP

LAN IP

Configuration

• IP address - for the Router, as seen from the local LAN.

Use the default value unless the address is already in use

or your LAN is using a different IP address range. In the

latter case, enter an unused IP Address from within the

range used by your LAN.

• Subnet Mask - The default value 255.255.255.0 is

standard for small (class "C") networks. For other networks,

use the Subnet Mask for the LAN segment to which the

Router is attached (the same value as the PCs on that LAN

segment).

Optional

Configuration

y DHCP Server Setup - If Enabled, the Router will allocate

IP Addresses to PCs (DHCP clients) on your LAN when

they start up. The default and recommended value is

"Enable". (Windows systems, by default, act as DHCP

clients. This setting is called Obtain an IP address

automatically.) If you are already using a DHCP Server,

the DHCP Server setting must be Disabled, and the

existing DHCP server must be set to provide the IP address

of the Router as the Default Gateway.

y LAN Any IP –By default is disabled. If you enable “LAN Any

IP”, that means no matter what static IP address hold on

the client (your PC). The client has do not need to change

the IP address, even though it has different IP segment

than LAN segment. It still can access Internet through NAT.

DHCP

Configuration

y Lease Time – It is a finite period of time for a DHCP server

lease an IP address to a client.

y DNS Server IP for Client – An IP address of the default

DNS server for the client requesting DHCP service.

y Offered IP Range fields set the values used by the DHCP

server when allocating IP Addresses to DHCP clients. This

range also determines the number of DHCP clients

supported.

View DHCP List

This table shows the IP addresses which have been allocated by

the DHCP Server. For each address which has been allocated,

the following information is shown.

Free Entry indicates how many DHCP entries are not currently

allocated, and still available.

• Name – The "hostname" of the PC. In some cases, this

may not be known.

• MAC Address – The physical address (network adapter

address) of the PC.

• IP Address – The IP address allocated to this PC.

• Type – Indicates IP address to be dynamic or static.

• Status – If Dynamic, the IP address was allocated by this

DHCP Server. If Sniffed, the IP address was detected by

examining the LAN, rather than allocated by the DHCP

Server. In this case, the Name is usually not known.

• Time Left – The time expired since which IP address is

leased.

4. Advanced Port Setup

Overview

y Port Options contains some options, which can be set on either or both WAN ports. For

most situations, the default values are satisfactory.

y Load Balance screen is only functional if you are using both WAN ports. It allows you to

determine the proportion of WAN traffic sent through each port.

y Advanced PPPoE setup is required if you wish to use multiple sessions on one or both

of the WAN ports. It can also be used to manually connect or disconnect a PPPoE

session. Otherwise, this screen can be ignored.

y Advanced PPTP setup is required if using the PPTP connection method.

4.1 Port Options

Figure: Port Options

Settings – Port Options

Interface

• WAN Ports – To select the WAN port for option settings

• MTU – The largest amount of data that can be transferred

across a given physical network. Ethernet limits transfers to

1500 octets of data. Normally, you should leave this value at

its default value. Change it only if the ISP is providing a MTU.

Connection

Health Check

• Method –

 ICMP: The health check is performed by sending an ICMP

echo request packet to the specific destination.

The specific destination ("Alive Indicator") could be either:

Page is loading ...

MicroNet SP891 User manual

Brand: MicroNet

Model: SP891

Category: Routers

Type: User manual

Download PDF

report

MicroNet SP891 User manual

MicroNet SP891 User manual

Related papers

Other documents